Nowadays many modern mobile devices such as a mobile phone or a personal digital assistant (PDA) are supporting more and more different data communication modes. For example, a modern mobile device can support the Bluetooth communication mode and one or more wireless local area network (LAN) modes. These modes allow to integrate the device into a network, such as a Personal Area Network (PAN) or a LAN.
Furthermore, the mobile devices are becoming personalized, i.e. each person carries her or his own mobile phone, PDA, laptop, etc.
The increasing number of these devices also results in greater numbers of devices being lost. Today, more important than the monetary value of these devices is the data which could be accessed by a third person, if he gets your device. Several solutions to the security of such personal mobile devices integrated into a LAN or PAN have been proposed, wherein the user is provided with a master key or card, which allows to access and use his/her other products such as a printer or a data storage center and to exchange personal data with trusted devices.
However, this requires that the user has to carry the master key or card everywhere, and the loss of the master key or card would lead to potential security threat for the rest of the equipment. Furthermore, the user may be incapable of using his/her own equipment, at least for some time. Particularly in business environments with security authorities, this might lead to a further problem when the user is unable to use his/her mobile phone since she/he lost his/her central master key. In such a case, the user would be unable to contact the security authorities, and hence would not be able to quickly recover the master key.
All these limited solutions arise because of the limitation of the known data communication protocols which require to have a sender and a receiver, and hence when translated into an authentication mechanism, a master-slave set-up. This means that a device must establish a master-slave connection with a central master station and authenticate itself with the central master station by using a master key or card.
U.S. 2005/0114650A1 discloses a hybrid authentication method between nodes of a network, wherein a central and a distributed infrastructure for authentication of nodes for integration into the network are provided. Authentication of nodes of the network may be performed with support from either the distributed infrastructure or the central infrastructure, thus alleviating the above mentioned drawback of wireless networks in which authentication requires a central master station.